mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2026-01-01 06:42:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
39,527 Commits 43 Branches 633 Tags
Commit Graph

77 Commits

Author SHA1 Message Date
Przemyslaw Pawelczyk
0f920d3abe main/[various]: bump pkgrel for pre-install fixes 2016-04-25 07:11:16 +00:00
Przemyslaw Pawelczyk
da4e96aace Reorder arguments passed to addgroup/adduser in scripts. 
Now all invocations have following order of arguments (if present):

    addgroup -S -g ... GROUP
    adduser -S -u ... -D -H -h ... -s ... -G ... -g ... USER
 2016-04-25 06:56:47 +00:00
Przemyslaw Pawelczyk
a60b9f07de Improve consistency of scripts using adduser/addgroup. 
Following rules have been applied:
- script starts with shebang !#/bin/sh followed by blank line,
- script ends with exit 0 prepended by blank line,
- only stderr of adduser, addgroup or passwd is redirected to /dev/null,
- getent passwd/group instances has been removed,
- manual checking of file and group existence has been removed,
- `|| true` instances has been removed.

Comments and line wrapping have been preserved.
 2016-04-25 06:55:43 +00:00
Przemyslaw Pawelczyk
a593d306c9 Add -g option (GECOS/comment) to adduser in scripts. 
This way we can avoid ugly default:

    Linux user,,,
 2016-04-25 06:54:18 +00:00
Przemyslaw Pawelczyk
ccc056dbf9 Add lacking -S option (system) to adduser/addgroup in scripts. 
Groups and users created by packages shouldn't use high ids by default
(unless explicitly requested), to distinguish them from groups and users
created by administrators for humans.

Following 41 files lacked -S next to addgroup:
- community/sword/sword.pre-install
- main/amavisd-new/amavisd-new.pre-install
- main/chrony/chrony.pre-install
- main/cvechecker/cvechecker.pre-install
- main/dnsmasq/dnsmasq.pre-install
- main/freeradius/freeradius.pre-install
- main/gdnsd/gdnsd.pre-install
- main/haproxy/haproxy.pre-install
- main/haproxy/haproxy.pre-upgrade
- main/kamailio/kamailio.pre-install
- main/logcheck/logcheck.pre-install
- main/mlmmj/mlmmj.pre-install
- main/nrpe/nrpe.pre-install
- main/open-vm-tools/open-vm-tools.pre-install
- main/postgrey/postgrey.pre-install
- main/privoxy/privoxy.pre-install
- main/redis/redis.pre-install
- main/samba/winbind.pre-install
- main/sircbot/sircbot.pre-install
- main/smokeping/smokeping.pre-install
- main/squark/squark.post-install
- main/squid/squid.pre-install
- main/squid/squid.pre-upgrade
- main/subversion/subversion.pre-install
- main/trac/trac.pre-install
- main/vsftpd/vsftpd.pre-install
- main/zabbix/zabbix-agent.pre-install
- testing/3proxy/3proxy.pre-install
- testing/cluster-glue/cluster-glue.pre-install
- testing/elasticsearch/elasticsearch.pre-install
- testing/emby/emby.pre-install
- testing/gdnsd/gdnsd.pre-install
- testing/icinga2/icinga2.pre-install
- testing/lusca/lusca.pre-install
- testing/lusca/lusca.pre-upgrade
- testing/mongodb/mongodb.pre-install
- testing/openxcap/openxcap.pre-install
- testing/prosody/prosody.pre-install
- testing/rancid/rancid.pre-install
- testing/rutorrent/rutorrent.pre-install
- testing/zabbix/zabbix-agent.pre-install

Following 60 files lacked -S next to adduser:
- community/caddy/caddy.pre-install
- community/domoticz/domoticz.pre-install
- community/minetest/minetest-server.pre-install
- community/oscam/oscam.pre-install
- community/seafile/seafile-server.pre-install
- community/syncthing/syncthing.pre-install
- main/apache2/apache2.pre-install
- main/aports-build/aports-build.pre-install
- main/atheme-iris/atheme-iris.pre-install
- main/bind/bind.pre-install
- main/clamav/clamav-db.pre-install
- main/clamsmtp/clamsmtp.pre-install
- main/clamsmtp/clamsmtp.pre-upgrade
- main/coova-chilli/coova-chilli.pre-install
- main/cvechecker/cvechecker.pre-install
- main/dhcp/dhcp.pre-install
- main/distcc/distcc.pre-install
- main/djbdns/dnscache.pre-install
- main/djbdns/tinydns.pre-install
- main/dovecot/dovecot.pre-install
- main/ez-ipupdate/ez-ipupdate.pre-install
- main/fetchmail/fetchmail.pre-install
- main/freeswitch/freeswitch.pre-install
- main/gitolite/gitolite.pre-install
- main/gnats/gnats.pre-install
- main/gross/gross.pre-install
- main/icecast/icecast.pre-install
- main/kamailio/kamailio.pre-install
- main/lighttpd/lighttpd.pre-install
- main/mariadb/mariadb.pre-install
- main/memcached/memcached.pre-install
- main/ngircd/ngircd.pre-install
- main/nrpe/nrpe.pre-install
- main/openntpd/openntpd.pre-install
- main/postgrey/postgrey.pre-install
- main/snort/snort.pre-install
- main/squid/squid.pre-install
- main/squid/squid.pre-upgrade
- main/subversion/subversion.pre-install
- main/trac/trac.pre-install
- main/transmission/transmission-daemon.pre-install
- main/ympd/ympd.pre-install
- main/znc/znc.pre-install
- testing/at/at.pre-install
- testing/buildbot-slave/buildbot-slave.pre-install
- testing/buildbot/buildbot.pre-install
- testing/clapf/clapf.pre-install
- testing/cluster-glue/cluster-glue.pre-install
- testing/dbmail/dbmail.pre-install
- testing/dspam/dspam.pre-install
- testing/ejabberd/ejabberd.pre-install
- testing/emby/emby.pre-install
- testing/mongodb/mongodb.pre-install
- testing/opensips/opensips.pre-install
- testing/pdns/pdns.pre-install
- testing/prosody/prosody.pre-install
- testing/qpage/qpage.pre-install
- testing/rrdbot/rrdbot.pre-install
- testing/wt/wt.pre-install
- unmaintained/ejabberd-git/ejabberd-git.pre-install
 2016-04-25 06:53:54 +00:00
Natanael Copa
c99a79bf99 main/bind: security upgrade to 9.10.3_p4 (CVE-2016-1285,CVE-2016-1286,CVE-2016-2088) 
fixes #5243
 2016-03-10 16:27:54 +00:00
Kaarle Ritvanen
13d11a508c main/bind: remove /var/log/named 
not used by default configuration
 2016-02-04 20:33:15 +02:00
Natanael Copa
dff85e5b60 main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705) 2016-01-20 16:33:25 +00:00
Natanael Copa
56b8e7f4f6 main/bind: security upgrade to 9.10.3_p2 (CVE-2015-8461,CVE-2015-8000) 
fixes #4956
 2015-12-16 12:54:24 +00:00
Sören Tempel
934cc31529 main/bind: move dnssec to -tools subpackage 2015-11-16 12:54:42 +00:00
Natanael Copa
b0f104df0d main/bind: upgrade to 9.10.3 2015-09-17 07:59:48 +02:00
Bartłomiej Piotrowski
b4a13e7314 Do not delete *.la files manually 
Since abuild v2.22.0, these are removed automatically unless 'libtool'
option has been specified.
 2015-09-10 13:59:03 +02:00
Natanael Copa
248c2164f0 main/bind: upgrade to 9.10.2_p4 2015-09-07 10:44:46 +02:00
Natanael Copa
c5b5874d38 main/bind: user libcap for capabilities 2015-08-13 13:59:07 +02:00
Natanael Copa
92d16bbedf main/bind: upgrade to 9.10.2_p3 2015-07-29 14:41:17 +00:00
Natanael Copa
6bbb06c125 main/bind: security upgrade to 9.10.2_p2 (CVE-2015-4620) 2015-07-08 14:32:29 +00:00
Natanael Copa
6aaecf49df main/bind: enable caps 
Neeed for -u option with multithread:

named: -u with Linux threads not supported: no capabilities support or
capabilities disabled at build time

ref #4281
 2015-06-23 06:49:39 +00:00
Natanael Copa
872585a819 main/bind: upgrade to 9.10.2_p1 2015-06-12 10:47:37 +00:00
Natanael Copa
6bf81f56e8 main/*: replace all sbin/runscript with sbin/openrc-run 2015-04-28 14:34:51 +00:00
Natanael Copa
99e9f3274a main/bind: upgrade to 9.10.2 2015-03-11 15:23:08 +00:00
Natanael Copa
83f598bac3 main/bind: enable threads 2015-03-11 15:23:08 +00:00
Natanael Copa
7ee3170459 main/bind: enable filter AAAA 
ref #3955
 2015-03-11 15:22:49 +00:00
Carlo Landmeter
525eb60df7 main/bind: upgrade to 9.10.1_p2 2015-02-23 10:00:28 +00:00
Natanael Copa
027bd75cb9 main/bind: upgrade to 9.10.1_p1 2014-12-09 14:04:46 +00:00
Natanael Copa
12fedd16ba main/bind: rebuild against krb5-1.13 2014-11-10 14:56:58 +00:00
Hugo Landau
10f550c471 bind: Modify default config to be more secure 
By default BIND will happily serve as both an authoritative nameserver
and recursive resolver, but this is no longer a recommended or desirable
configuration. The previous default configuration did not draw attention
to this fact and the issues involved.

Users are now made to rename one of two sample configuration files,
named.conf.authoritative or named.conf.recursive. Comments inside either
file advise DNS administrators of the most prevalent security issues.

This ensures that users setting up an authoritative nameserver do not
unwittingly also operate a resolver. In the previous default
configuration, BIND would happily perform recursive resolution for
localhost, which means that the local machine may receive
non-authoritative data from what is supposed to be an authoritative
nameserver.

Both default configurations disable zone transfers by default, as BIND
defaults to enabling them for any host (!).
 2014-10-16 19:05:10 +00:00
Natanael Copa
49833591ff main/bind: upgrade to 9.10.1 2014-09-23 11:26:14 +00:00
Natanael Copa
6f89add111 main/bind: remove duplicate depend function 2014-06-19 08:30:19 +00:00
Natanael Copa
a628be65ae main/bind: upgrade to 9.10.0_p2 2014-06-12 12:11:02 +00:00
Natanael Copa
6abfda6f33 main/bind: upgrade to 9.10.0_p1 2014-05-22 12:35:00 +00:00
Natanael Copa
89e34a23bf main/bind: upgrade to 9.10.0 2014-05-01 08:40:37 +00:00
Natanael Copa
93a7a06991 main/bind: upgrade to 9.9.5 2014-02-03 10:59:43 +00:00
Natanael Copa
e7ef39f84e main/bind: security upgrade to 9.9.4_p2 (CVE-2014-0591) 
ref #2604
 2014-01-15 13:12:29 +00:00
Fabian Affolter
bbe4ea51fb main/bind: specify license 2013-12-03 14:39:33 +00:00
Natanael Copa
b825d06115 main/bind: upgrade to 9.9.4_p1 2013-11-07 09:14:14 +00:00
Natanael Copa
f86141b3d6 main/bind: upgrade to 9.9.4 2013-09-24 07:02:51 +00:00
Natanael Copa
518b9b83cc main/bind: use /sbin/nologin as shell 2013-09-04 11:46:33 +00:00
Natanael Copa
794a036321 main/bind: use /sbin/nologin as shell 2013-09-03 07:47:11 +00:00
Timo Teräs
5c90471732 [all autotools packages]: normalize ./configure 2013-07-30 08:54:53 +00:00
Natanael Copa
6f4a5f3bb4 main/bind: security upgrade to 9.9.3_p2 (CVE-2013-4854) 
fixes #2174
 2013-07-29 06:20:58 +00:00
Natanael Copa
6f22508d6b main/bind: upgrade to 9.9.3_p1 2013-06-05 14:13:49 +00:00
Natanael Copa
87776a43ce main/bind: upgrade to 9.9.3 2013-05-29 07:14:44 +00:00
Natanael Copa
aed44ac288 main/bind: upgrade to 9.9.2_p2 2013-04-01 15:33:35 +00:00
Natanael Copa
91378f2eaa main/bind: upgrade to 9.9.2_p1 2012-12-07 08:23:00 +00:00
Natanael Copa
ecbc84a7f4 main/bind: upgrade to 9.9.2 2012-10-10 18:08:45 +00:00
Natanael Copa
8884830dce main/bind: upgrade to 9.9.1_p3 2012-09-13 09:31:31 +00:00
Natanael Copa
1045ace4f2 main/bind: upgrade to 9.9.1_p2 2012-07-25 09:07:54 +00:00
Natanael Copa
b237d54471 main/bind: upgrade to 9.9.1_p1 2012-06-05 09:43:40 +00:00
Natanael Copa
6b0729497c main/bind: upgrade to 9.9.1 2012-05-22 06:32:50 +00:00
Natanael Copa
0c2a46ee5c main/bind: cleanup and fix named.initd stop 2012-03-14 21:23:57 +00:00